Search

Saturday, November 13, 2010

Bill's Recommendations - Cisco RV-120W VPN Firewall Router

A few weeks ago I purchased a Cisco RV-120W VPN Firewall Router based on it’s advertised features and unbeatable price. The unit was brand-new, first release. Now I know that you should never buy the first release of a product but I fell into the trap of promised features. Here is my story.

I received the unit and was surprised at how small the unit was. I un-boxed and began to setup the unit using my laptop. After reading some of the documentation to make sure I was proceding in the right direction I was amazed at how easy the SSL-VPN was going to be to setup. I finished the setup in about 15 minutes using the data I collected from the business I was going to deploy this to and began testing on my home network. Everything went well for over a week, no problems. Then came the deployment day.

I had not issues deploying the unit, all the settings were pre-configured so it was pretty much a drop in and ready to go network upgrade. I then trained the person in charge of doing first line support on how to setup the SSL-VPN client on client machines. After running through some tests of the WiFi network and other services, I was confident that everything was going well and the project was completed. The only thing I found that was bad was 1 port on a 24 port switch had died, and was no longer usable. Good thing this office only had 5 computers now and not 23. I got excited too soon.

It wasn’t even a week before I recieved a call from one of the users stating that they were getting strange “Page Cannot Be Displayed” and random other errors when more than a few websites were open. It effected everyone on the network, not just one user. I was at first suspecting intermittent connection problems related to the bad switch port I discovered during the deployment. I did some troubleshooting from my home using the SSL-VPN client that came with the unit and had no issues connecting. I began to do some web surfing on their server and openend up a few websites, the final one giving me a 404 error. Odd. I then connected to another workstation, same issue. Very odd. Time to do some research.

I searched the Cisco support forums and Google for articles related to this issue and found an article that matched the issue to a T. Turns out that you have to disable the UDP Flood option, which enabled by default on the current revision (12 I think). I guess 25 UDP connections TOTAL are all that Cisco found fit to allow on a small business network. In my case, on a small 4 computer 1 server LAN, only a couple of pages per client could be opened simultaneously. Cisco FAIL. https://supportforums.cisco.com/message/3179822

This was an easy fix, although annoying, easy to fix problem. The client noticed the change almost immediately and was happy. Then a call comes in a few days later. Now another new issue has cropped up. Corrupted e-mail attachments. Dropped RDP connections (wasn’t experiencing those)

Now I went back and did some more searching, finding another article on Cisco’s support forums. Seems that others are having the same issue, and that there is no known fix for it.
https://supportforums.cisco.com/message/3179822 .

Strike two. In my world, your outta there! I called the customer back, apologized for the trouble and took a trusty WRT54G DD-WRT-enabled router down there the next day. I ended up sending back the Cisco RV-120W to newegg for RMA and began the process of finding a solid replacement. I found one that did everything I needed it to do, minus the SSL-VPN client (I went with another solution that was easier for the client) and that product was the Asus RT-N12 router. I installed DD-WRT v24 SP2 on the unit, and it has been running solid ever since. It's also a very nice router with the stock firmware as well.

I have been really disapointed with the product that Cisco put out with the RV-120W series small business VPN router. I fell into the trap of the brand and features, as well as the attractive price. As of right now, I consider the RV-120W to be junk and not worth buying until the Cisco engineering team can fix these issues without creating new ones with a solid firmware release/upgrade. Until then, I do not recommend this unit to anyone.

Thursday, October 21, 2010

APC Back-UPS XS1000 2 Beeps Issue

I recently purchased a APC battery backup unit for a customer of mine. The price I paid for this battery backup did not match up with the features and design of this particular UPS, it was rather cheap compared to similar models. The APC Back-UPS XS1000 is a sleek 600 watt UPS with a bright blue LCD back lit display and quite a list of great features.

I did have one initial issue with the unit. About 48 hours after charging the unit and submitting it to a low 35w power draw (laptop) for a few hours, the unit began to beep twice every couple of seconds. No errors or events registered on the unit and all the measurements were not showing any signs of trouble, but the battery was depleting rapidly. APC UPS units normally will beep four times every 30 seconds or so when running on battery, or if they flat out fail, one long beep is what I have always heard.

I was pretty upset that with it being new and already having problems with it. After some quick searching the APC forums and Google, it seems that this is a common issue with this new UPS. The fix that worked for me is as follows:

1. Turn off the UPS using the power button.
2. Un-plug the UPS from the wall.
3. Remove the battery from the UPS.
4. Let the UPS sit with the battery removed for 5-10 minutes
5. Re-insert the battery.
6. Plug in the UPS.
7. Power the UPS on.

You should now see that the battery has been drained (weird I know) and that the UPS is charging back up. What I also did to test this fix was to connect a cable modem and wireless router to the unit drawing a constant 5w of power to wait to see if the 2 beeps returned. So far, the unit has been sitting for 5 days now, and the beeping has not returned. The unit must have a logic controller that is faulty when turned on initially and needs reset.

Over all I am very pleased with this unit, it seems to be a good UPS once this issue is fixed. Hopefully APC will find the problem and fix for the next product revision.

Sunday, August 29, 2010

Bill's Recommendations - Virtualize The Server Room

I am a HUGE fan of virtualization, and have been since the early days of VMware Workstation and Microsoft Virtual PC. The first time I had ever tried VMware I was amazed and saw the potential of using this technology in a business and even home environment. I used Virtual PC 2004 and 2007 in college for home work assignments dealing with my server operating system classes because I didn't have the money to build a 'real' test lab at home. At work, I utilize VMware workstation for advanced networking capabilities to build virtualized test networks complete with a working clients, AD/DNS, and a Microsoft System Center Essentials server....all from a Acer laptop.

With the advent of products such as Intel and AMD VT enabled CPU's accompanied with free VMware & Microsoft Hyper-visor offerings, virtualization has begun to be seen more and more in IT environments. The advantages I always tell customers about are the costs savings and robust backup and recovery features of utilizing a virtual environment.

When I talk about cost savings, I am talking about reducing the amount of hardware needed to setup a server or group of servers. What used to take 2-3 physical boxes to run a basic small business network for file/printer sharing, AD/DNS and Exchange Email now can be done with one server using virtualization. (I know that a Microsoft Small Business Server 2003/2008 can do all 3 of those services, but for a business that has more than 50 computers you would typically see 3 different servers, at least in my experiences I have.)

As for backup and recovery features, virtual machine images can be migrated and backed up quickly and easily. Just look at VMware's Vmotion and Vsphere products. These products are really exciting and for investment up front, the return in my opinion is real disaster recovery solutions that have been proven. I recommend looking at VMware's products, they are the most robust and supported virtualization product out there, but Microsoft's Hyper-V product isn't far behind.

Bill’s Review - Sprint HTC EVO - The World’s First 4G Phone *UPDATE*

In my previous post, I stated the following:

"Now to my one gripe about the Spring HTC EVO 4G. The phone seems to be
slightly crippled. The phone features a app called “Sprint Mobile Hot
Spot” which is a feature I was VERY excited about using on the job. The
feature is available on other carriers newer android phones and it
enables the phone to act as a small wireless access point, connecting
your laptop to the Internet without tethering via your own portable
wireless network.
This feature is what caused Steve Jobs iPhone 4 launch to have some problems while demonstrating it’s features.
(I would like to note that the phone itself was not the problem, but
the fact that there were a lot of overlapping Wi-Fi hot spots created by
these types of phones.) This feature has lots of handy uses, but then
again, there are so many wireless networks out there now that one would
be hard pressed to not find a hot spot to use.
"

After some discussions with a co-worker and some light reading, I found an answer to my issue. The following link contains an article found on the website Engadget that discusses this very issue.

So it is true that Sprint has disabled this feature and will be requiring a $29.99 activation fee. It was working for a short period of time on 4G networks only according to the article mentioned above, but that was dated in July and it is now the end of August. If I had to take a logical guess as to why Sprint and probably other carriers that have this feature on newer android phones have disabled it by default and are requiring an additional activation fee would be the fact that the carriers network is not currently capable of handing the increase in data traffic. Maybe soon the networks will catch up to the demand for data connectivity.

Friday, August 13, 2010

Bill’s Review - Sprint HTC EVO - The World’s First 4G Phone

Yesterday I finally had an opportunity to dump a HTC Windows Mobile device for a Sprint HTC EVO 4G Android. It has been 24 hours since I first turned it on and it has been field tested today while at work. I have to say, I can see why the Android-based phones will soon overtake the market beating out the iPhone 4. There’s only one minor thing that I have about Sprint which I will get into later in the post. It has nothing to do with the phone itself, just service.

So far, my experiences have been great and I found setting up email through an Exchange account to be a breeze, syncing all contacts, calendar appointments and mail quicker than my old Windows Mobile phone. I have already been able to add apps that help me do my job quicker and more efficiently by using the App Store.

The speed of the phone with Android 2.2 is very pleasing. I have not managed to lock up the phone as of yet while running multiple apps. I am also impressed at how slim the phone is and the size of the screen. It is visibly larger than the iPhone 4 and the screen to me seems equally vibrant and bright. The power button is a little annoying to me. It is very small and I find it hard to turn the phone on at times, but then again I have large fingers and the button is small. Every other button is easily accessible and responsive. I do recommend that if you have larger hands, go with a larger phone, the on-screen keyboard is easier to type on.

Now to my one gripe about the Spring HTC EVO 4G. The phone seems to be slightly crippled. The phone features a app called “Sprint Mobile Hot Spot” which is a feature I was VERY excited about using on the job. The feature is available on other carriers newer android phones and it enables the phone to act as a small wireless access point, connecting your laptop to the Internet without tethering via your own portable wireless network. This feature is what caused Steve Jobs iPhone 4 launch to have some problems while demonstrating it’s features. (I would like to note that the phone itself was not the problem, but the fact that there were a lot of overlapping Wi-Fi hot spots created by these types of phones.) This feature has lots of handy uses, but then again, there are so many wireless networks out there now that one would be hard pressed to not find a hot spot to use.

It seems that Sprint has taken upon themselves to disable this feature on the phone along with the built in USB tethering feature. From what I have read from other sources, Sprint is requiring those who want to use this feature pay an addional $29.99 per month on top of their current data plan. This is silly and in my mind a little shady of them to do this. If a person is already paying for a data plan, the feature(s) should be available. I am in contact with a vendor who may be able to explain this to me and give me a definite answer. I will post what I find.

Wednesday, May 19, 2010

Bill's Recommendations - Team Viewer 5

Have you ever had a situation where you are trying to explain something to a friend, family member or co-worker about a computer program, troubleshooting a error, or removing that latest nasty piece of malware? I know I have. Ever thought that there has to be an easier and cheaper way of quickly helping them without the need to waste 20 minutes explaining how you are going to connect to their PC over the internet? Look no further, enter TeamViewer 5.

TeamViewer 5 is a remote support utility and is very similar to GoToMyPC/Meeting, LogMeIn Rescue/Pro but offers a free, non-comercial license which makes it an ideal tool for the accidental IT support guru.

Features that are available in the non-comercial use free version include VoIP, web cam sharing, file transfer and email invitations. The free version also offers a no installation client so you can connect with very little effort on the part of the person being supported. You can also obtain useful system information about the remote computer with just a few clicks.

This software is ideal for the support tech or free lance consultant that needs to quickly support a remote user and do it on the cheap. The full version offers many more useful features if you support multiple clients and need even faster unattended access to a remote system, very similar to the paid version of LogMeIn, which is an equally supierior product I also use.

My experience with this products performance has been astounding, I have used it quite a few times now without any issue, and found the free version to meet the need for the minor support tasks I have had to do. I highly recommend this product and hope they keep up the good work and continue to produce a great product.

You can find out more about this product by going to http://www.teamviewer.com .

Saturday, April 10, 2010

How to Reset a BIOS Password on a Acer Aspire 5610z Laptop

Just the other day I was asked to fix a laptop that would not boot up any longer using Vista. When I recieved the notebook I tried first to boot to a Vista CD from Acer to attempt to recover the OS from the endless loop of reboots. I found that the CD would not boot. "No problem." I thought, "I will just change the boot priorities and have my way with this laptop!" Well, the laptop came out swinging and punched me in the nose. I encountered a dreaded BIOS password. Of course, it's not known what that password is. I then decided to reach for the proverbial baseball bat (a google search) to see what I could find. Sure enough, I found the bat here http://forum.notebookreview.com/showthread.php?t=265197. This forum helped a lot with this issue, but the instructions were kind of confusing at first, so I thought I would include the steps I took to reset the password. I will try to post a video later.
Here are the steps that worked for me. BEWARE, if you do not feel comfortable working on your laptop, take it to a professoinal. I am not repsonsible for your mistakes!
  1. Disconnect all power from the laptop, including removing the battery pack.
  2. Aquire these tools
    1. Precision screwdriver set
    2. Small piece of copper wire about 3"-4" inches (single strand from CAT5e works great!)
    3. A table to work on.
  3. Next, turn the laptop over, screen facing down on the table and proceed to remove the large cover that shields the fan, CPU, wifi card, and RAM.
  4. Remove both sticks of RAM from the DIMM slots.
  5. Locate on the board a small cell that has the markings "J3" next to it.
  6. Locate a small silver square on the board under the bottom DIMM slot a marked "CMOS". You will noticed that it appears attached to the bottom DIMM slot.
  7. Strip the coating off both ends of the small piece of copper wire, exposing the copper conductor.
  8. Touch the wire ends to the J3 cell (small gold square) to the CMOS cell (small silver square under bottom DIMM slot). This will short the CMOS, resetting it.
  9. Reinstall the RAM, cover and battery to thier original locations and making sure all screws are back in place on the cover.
  10. Turn the laptop back over, plug in if necessary and press the power button. At the Acer splash screen press the "F2" key on your keyboard to enter the BIOS. The password should now be gone.
Those ten steps are what I took to remove the BIOS password. I hope this helps and I will also supply a link to a video once I get the audio fixed.

Wednesday, January 20, 2010

Bill's Recommendations - Mitigating A Employee Termination

As a Information Security professional, one of your major duties will involve risk mitigation to your organizations IT infrastructure. Those risks are both external and internal. Believe it or not, you are more likely to suffer a internal attack than that of a external attack. The internal threat happens commonly at the time of a termination of an employee. Here are some scary statistics for you to look at from a blog over at ComputerWorld.com. A common theme from research I have done revolves around communication issues between Human Resources (HR) and Information Technology (IT) departments.

Here's a scenario to consider:

---------------------------------------------------------------------------------------------------------------------------------------

You're a Network Administrator for a local company. Every morning (or evening!) you come in and check your email, grab some coffee or Mt. Dew, check your email again, and start to perform your everyday duties of monitoring, working with resources and active directory and backup duties along with the mountain of projects all IT people have. But I digress......

As you are walking through the halls you notice a office or cube that was previously occupied is empty. You proceed to ask the neighbor closest to them who was in there and the reply is, "Oh, didn't you hear? Joe (or Jane) left the company last week." -OR- "Oh, didn't you hear? Joe (or Jane) was fired last week and made a big scene. It was like watching a bad soap opera......." BUT you stop listening because you are in panic mode right?!?! Your network has had a possible security breach for that period of time and it's still happening right now. You rush off to your HR department to verify.

---------------------------------------------------------------------------------------------------------------------------------------

This situation can be mitigated by opening the communication channels between HR and IT. One should begin by educating the HR department on the threat and risks to data and resources associated with delaying notification to IT a employee termination. You should work with them on a notification process and time table in which they need to notify IT.

Here are some suggested steps to follow when alerted of a pending termination:

1. Immediately disable the employee's user accounts and access to resources. DO NOT DISCUSS WITH ANYONE! It is imperative that confidentiality be maintained during this process. You do not want to alert the employee to pending action(s) because they may begin malicious activities such as deleting data or becoming violent in the workplace.

2. Inform HR that access has been disabled. Request that security or management be present at the time of action. It is important that a procedure be in place for this part. A best practice would be to instruct the employee to cease current activity and to back away from the system and then escorted to HR. The employee should be escorted to and from any point during the termination phase.

3. Perform a full backup and audit of the system. It's also a good idea to check for any encryption software that may be installed. This could bite you badly if the system is turned off and the encryption software requires a password. If encryption exists, request/require that the employee provide the keys used for encrypting and decrypting.

Here are some suggested steps when alerted of a pending voluntary departure:

1. Work on documenting what that employee knows about systems they worked with. I can't tell you how many times I was in a situation where a previous employee knew the ins and outs of a system, network, or wiring infrastructure where there was no documentation when they left or were fired. This can be a major source of frustration for a tech or admin.

2. Ask the employee to train someone on the basics of what they do. This may or may not work, depending on the employee's attitude towards leaving or co-workers. It doesn't hurt to ask.

3. Prepare for the departure. Make a list of assets that will need to be returned and audit afterwards to ensure everything has been returned to the organization. It wouldn't be good have that $1000 laptop go missing and throw a budget out of whack!

4. Keep the Lines of Communication Open. One never knows when a question may come up that only the former employee would know. Maybe they could become a future consultant?

Every organization handles these situations differently. This post just offers some basic suggestions on how to mitigate a possible internal threat to your data and network infrastructure. Here are some links to additional information, both really good articles:

How to Fire an Employee - By Andy Weeks - TechRepublic.com

http://articles.techrepublic.com.com/5100-10878_11-5032613.html

Don't Overlook This Easy-To-Miss Security Threat - By Michelle Hamilton - TechRepublic.com

http://articles.techrepublic.com.com/5100-10878_11-5060008.html

Friday, January 1, 2010

Bill's Recommendations - It's Book Time! - One Second After

Stop for a moment, and think about what you are doing this very minute......

You obviously are reading this post and possibly looking at other online media while enjoying your iTunes or whatnot. Somewhere off the coast of or in the U.S., some Terrorists or rouge nation have just launched an attack. It comes in the form of single missile tipped with a nuke that detonates in the upper atmosphere. At that moment, your laptop, cell phone, lights and pretty much anything plugged in shuts off and never turns back on. You are just fine, so you wonder what just happened? You also find that your car no longer starts. Something bad HAS happened, and you don't even know. Communication is cut, transportation is cut, and panic soon sets in.

Folks, Electro-Magnetic Pulse or EMP for short, is a real threat to anything with a microchip in it. It's a major security issue and should be handled as such. Most people think that the threat is possible but not likely, so money and time is not invested in retrofitting or "hardening" our infrastructure. Since we are all dependant on technology that we have grown accustomed to, in some cases, not being able to live without should scare us all enough to want to act.

I recommend that you go to your local library and ask for or download to your Sony or Kindle eReader the book titled, "One Second After" by William Forstchen and read it (ISBN-10:0-7653-1758-3). I couldn't put it down because it really made be me stop and think about how dependant we as a society are on technology and how easy it can be to become disconnected with everyone around us. This book is a Sci-Fi novel, but the information it is based upon is real. I enjoyed this book because it's the first novel I have read in a while that actually interested me enough to continue to read to the end and even recommend. I hope you find it as good as I did.

It's Official - Acer is now my laptop of choice

It's been a couple of weeks since I have posted anything. The holidays tend to be a busy time for my family and I. The other reason has been that my acer laptop suffered a hard disk failure.

This morning I woke up and was determined that I could be on the phone for at least an hour running through test after test and speaking with someone I could barely understand.

I spent a total of less than 10 minutes and I have a replacement part on the way within 3-8 business days. AMAZING!!! If this was Dell (sorry Dell, but last I spoke with support, it was rediculous.) I would still be on the phone arguing about not having to send the whole laptop back for a customer verified replacement part.

Acer products continue to amaze me as far as qaulity, value and service. I highly recommend that if you are looking at purchasing a notebook, that you give them a try.